Bugs item #565804, was opened at 2002-06-07 06:09 You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=565804&group_id=22866
Category: None Group: v3.0 Rabbit Hole >Status: Closed >Resolution: Fixed Priority: 5 Submitted By: Andrew Thorn (sigbur) Assigned to: Nobody/Anonymous (nobody) Summary: JBossUserPrincipal not cleared Initial Comment: I have an application that regressed between JBoss 3.0 RC3 and JBoss 3.0.0 Final. A call from a JSP to session.invalidate() has become inconsistent. Using FORM based login to a Jetty web application. I have set up a security-constraint in web.xml that protects index.jsp and requires someone with 'user' role must be logged in to see it. If the web application is accessed from the http://myhost:8080/mywebapp/ URL, index.jsp is displayed without forwarding to the login.jsp named in the login-config. If http://myhost:8080/mywebapp/index.jsp is accessed, the forwarding to login.jsp *is* done. A call to session.invalidate() in my logout.jsp used to work properly, but now it doesn't seem to clear the session properly. The web application will still intermittently remember who was logged in last. As stated, JBoss 3.0RC3 does not exhibit this behaviour. The following log trace occurred after the following sequence. Log in as admin, navigate application for a little while. Log out (with session.invalidate()) then log in as publisher. Log out. Then I was able to go to my index.jsp, and when it forwarded to login.jsp, the 'admin' principal suddenly reappeared as active. 2002-06-07 09:03:27,679 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: publisher is in Role: publisher 2002-06-07 09:03:27,680 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: publisher is in Role: publisher 2002-06-07 09:03:38,079 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,079 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,082 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: admin 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is NOT in Role: publisher 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is NOT in Role: publisher2002-06-07 09:03:27,679 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: publisher is in Role: publisher 2002-06-07 09:03:27,680 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: publisher is in Role: publisher 2002-06-07 09:03:38,079 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,079 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,082 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: admin 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is NOT in Role: publisher 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is NOT in Role: publisher2002-06-07 09:03:27,679 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: publisher is in Role: publisher 2002-06-07 09:03:27,680 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: publisher is in Role: publisher 2002-06-07 09:03:38,079 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,079 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,082 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: admin 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is NOT in Role: publisher 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is NOT in Role: publisher2002-06-07 09:03:27,679 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: publisher is in Role: publisher 2002-06-07 09:03:27,680 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: publisher is in Role: publisher 2002-06-07 09:03:38,079 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,079 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,082 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: user 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is in Role: admin 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is NOT in Role: publisher 2002-06-07 09:03:38,083 DEBUG [org.jboss.jetty.security.JBossUserRealm#SDPA] JBossUserPrincipal: admin is NOT in Role: publisher What changed that might have caused this kind of thing to happen? Should I be reporting this against Jetty? -S ---------------------------------------------------------------------- >Comment By: Scott M Stark (starksm) Date: 2002-09-24 14:36 Message: Logged In: YES user_id=175228 This should be fixed, restest against a recent version. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=565804&group_id=22866 ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
